From d7e00ef5b500467c5f4bd05913751fd1c79816b9 Mon Sep 17 00:00:00 2001 From: "Md. Ashikul Alam" Date: Thu, 22 Aug 2024 16:53:42 +0600 Subject: [PATCH 1/5] chore: protect individual certificate endpoint with token --- src/index.ts | 1 - 1 file changed, 1 deletion(-) diff --git a/src/index.ts b/src/index.ts index 029ee5ecf..1406b49a6 100644 --- a/src/index.ts +++ b/src/index.ts @@ -244,7 +244,6 @@ export async function createServer() { path: '/certificates/{event}.svg', handler: certificateHandler, options: { - auth: false, tags: ['api', 'certificates'], description: 'Returns only one certificate metadata' } From 43019f88887422fc7674d76d6994bc991c31413b Mon Sep 17 00:00:00 2001 From: "Md. Ashikul Alam" Date: Thu, 22 Aug 2024 17:18:27 +0600 Subject: [PATCH 2/5] chore: add event cert route in production --- src/index.ts | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/src/index.ts b/src/index.ts index 1406b49a6..2a3b8574b 100644 --- a/src/index.ts +++ b/src/index.ts @@ -238,17 +238,15 @@ export async function createServer() { server.auth.default('jwt') - if (process.env.NODE_ENV !== 'production') { - server.route({ - method: 'GET', - path: '/certificates/{event}.svg', - handler: certificateHandler, - options: { - tags: ['api', 'certificates'], - description: 'Returns only one certificate metadata' - } - }) - } + server.route({ + method: 'GET', + path: '/certificates/{event}.svg', + handler: certificateHandler, + options: { + tags: ['api', 'certificates'], + description: 'Returns only one certificate metadata' + } + }) // add ping route by default for health check server.route({ method: 'GET', From 1413636bea661f02e66cdf3eb6d181af3c374977 Mon Sep 17 00:00:00 2001 From: "Md. Ashikul Alam" Date: Thu, 22 Aug 2024 17:22:17 +0600 Subject: [PATCH 3/5] chore: clean up redundant certificate route --- src/data-seeding/certificates/handler.ts | 36 +++--------------------- src/index.ts | 10 ------- 2 files changed, 4 insertions(+), 42 deletions(-) diff --git a/src/data-seeding/certificates/handler.ts b/src/data-seeding/certificates/handler.ts index 57ee2ed35..5c24517fa 100644 --- a/src/data-seeding/certificates/handler.ts +++ b/src/data-seeding/certificates/handler.ts @@ -13,36 +13,8 @@ import { Request, ResponseToolkit } from '@hapi/hapi' import { readFileSync } from 'fs' export async function certificateHandler(request: Request, h: ResponseToolkit) { - if (request.params.event) { - const res = readFileSync( - `./src/data-seeding/certificates/source/Farajaland-${request.params.event}-certificate-v2.svg` - ).toString() - return h.response(res).code(200) - } - - const Certificates = [ - { - event: 'birth', - fileName: 'Farajaland-birth-certificate-v2.svg', - svgCode: readFileSync( - './src/data-seeding/certificates/source/Farajaland-birth-certificate-v2.svg' - ).toString() - }, - { - event: 'death', - fileName: 'Farajaland-death-certificate-v2.svg', - svgCode: readFileSync( - './src/data-seeding/certificates/source/Farajaland-death-certificate-v2.svg' - ).toString() - }, - { - event: 'marriage', - fileName: 'Farajaland-marriage-certificate-v2.svg', - svgCode: readFileSync( - './src/data-seeding/certificates/source/Farajaland-marriage-certificate-v2.svg' - ).toString() - } - ] - const res = JSON.stringify(Certificates) - return h.response(res) + const res = readFileSync( + `./src/data-seeding/certificates/source/Farajaland-${request.params.event}-certificate-v2.svg` + ).toString() + return h.response(res).code(200) } diff --git a/src/index.ts b/src/index.ts index 2a3b8574b..907127921 100644 --- a/src/index.ts +++ b/src/index.ts @@ -487,16 +487,6 @@ export async function createServer() { } }) - server.route({ - method: 'GET', - path: '/certificates', - handler: certificateHandler, - options: { - tags: ['api', 'certificates'], - description: 'Returns certificate metadata' - } - }) - server.route({ method: 'GET', path: '/roles', From 6c0645bf492b42b3699a0d2895b3cd3cdb06877a Mon Sep 17 00:00:00 2001 From: "Md. Ashikul Alam" Date: Tue, 27 Aug 2024 18:46:12 +0600 Subject: [PATCH 4/5] docs: update changelog(7464) --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index af7192b61..752196068 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -4,6 +4,7 @@ ### Bug fixes +- Protect individual certificate endpoint with token - Kibana disk space alerts now work regardless of your disk device names. Alerts listen devices mounted both to `/` and `/data` (encrypted data partition) - "Publish release" pipeline now correctly uses the "Branch to build from" value as the branch to be tagged. Previously it tried tagging "master". "Release tag" is also now used as the release version as is instead of it being read from `package.json`. From ada7c65be644a7404a7a1c8948c3d98a290cce1c Mon Sep 17 00:00:00 2001 From: "Md. Ashikul Alam" Date: Wed, 28 Aug 2024 18:13:43 +0600 Subject: [PATCH 5/5] chore: relocate certificate folder from data-seeding --- src/{data-seeding => api}/certificates/handler.ts | 2 +- .../certificates/source/Farajaland-birth-certificate-v2.svg | 0 .../certificates/source/Farajaland-death-certificate-v2.svg | 0 .../certificates/source/Farajaland-marriage-certificate-v2.svg | 0 .../certificates/source/test/UsingAddressHandlebars.svg | 0 .../certificates/source/test/UsingSignatureHandlebars.svg | 0 src/index.ts | 2 +- 7 files changed, 2 insertions(+), 2 deletions(-) rename src/{data-seeding => api}/certificates/handler.ts (87%) rename src/{data-seeding => api}/certificates/source/Farajaland-birth-certificate-v2.svg (100%) rename src/{data-seeding => api}/certificates/source/Farajaland-death-certificate-v2.svg (100%) rename src/{data-seeding => api}/certificates/source/Farajaland-marriage-certificate-v2.svg (100%) rename src/{data-seeding => api}/certificates/source/test/UsingAddressHandlebars.svg (100%) rename src/{data-seeding => api}/certificates/source/test/UsingSignatureHandlebars.svg (100%) diff --git a/src/data-seeding/certificates/handler.ts b/src/api/certificates/handler.ts similarity index 87% rename from src/data-seeding/certificates/handler.ts rename to src/api/certificates/handler.ts index 5c24517fa..658e04eb6 100644 --- a/src/data-seeding/certificates/handler.ts +++ b/src/api/certificates/handler.ts @@ -14,7 +14,7 @@ import { readFileSync } from 'fs' export async function certificateHandler(request: Request, h: ResponseToolkit) { const res = readFileSync( - `./src/data-seeding/certificates/source/Farajaland-${request.params.event}-certificate-v2.svg` + `./src/api/certificates/source/Farajaland-${request.params.event}-certificate-v2.svg` ).toString() return h.response(res).code(200) } diff --git a/src/data-seeding/certificates/source/Farajaland-birth-certificate-v2.svg b/src/api/certificates/source/Farajaland-birth-certificate-v2.svg similarity index 100% rename from src/data-seeding/certificates/source/Farajaland-birth-certificate-v2.svg rename to src/api/certificates/source/Farajaland-birth-certificate-v2.svg diff --git a/src/data-seeding/certificates/source/Farajaland-death-certificate-v2.svg b/src/api/certificates/source/Farajaland-death-certificate-v2.svg similarity index 100% rename from src/data-seeding/certificates/source/Farajaland-death-certificate-v2.svg rename to src/api/certificates/source/Farajaland-death-certificate-v2.svg diff --git a/src/data-seeding/certificates/source/Farajaland-marriage-certificate-v2.svg b/src/api/certificates/source/Farajaland-marriage-certificate-v2.svg similarity index 100% rename from src/data-seeding/certificates/source/Farajaland-marriage-certificate-v2.svg rename to src/api/certificates/source/Farajaland-marriage-certificate-v2.svg diff --git a/src/data-seeding/certificates/source/test/UsingAddressHandlebars.svg b/src/api/certificates/source/test/UsingAddressHandlebars.svg similarity index 100% rename from src/data-seeding/certificates/source/test/UsingAddressHandlebars.svg rename to src/api/certificates/source/test/UsingAddressHandlebars.svg diff --git a/src/data-seeding/certificates/source/test/UsingSignatureHandlebars.svg b/src/api/certificates/source/test/UsingSignatureHandlebars.svg similarity index 100% rename from src/data-seeding/certificates/source/test/UsingSignatureHandlebars.svg rename to src/api/certificates/source/test/UsingSignatureHandlebars.svg diff --git a/src/index.ts b/src/index.ts index 907127921..90b416f45 100644 --- a/src/index.ts +++ b/src/index.ts @@ -49,7 +49,7 @@ import { ErrorContext } from 'hapi-auth-jwt2' import { mapGeojsonHandler } from '@countryconfig/api/dashboards/handler' import { formHandler } from '@countryconfig/form' import { locationsHandler } from './data-seeding/locations/handler' -import { certificateHandler } from './data-seeding/certificates/handler' +import { certificateHandler } from './api/certificates/handler' import { rolesHandler } from './data-seeding/roles/handler' import { usersHandler } from './data-seeding/employees/handler' import { applicationConfigHandler } from './api/application/handler'